Tag: Policy

[PCWorld] You already know the basics of internet security, right? But when you’ve got the basics covered, but you still don’t feel secure, what can you do? Here are a few advanced security tips to help you thwart some of today’s most common attacks. http://www.pcworld.com/article/201309/security_secrets_the_bad_guys_dont_want_you_to_know.html?&tk=hp_fv Urs

The Security Compliance Manager will help you accelerate knowledge to merge best practices, customize once to centralize decision making, and export to multiple formats to enable monitoring, verification, and compliance. The tool is designed to help accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies….

Centre for the Protection of National Infrastructure: This publication offers security advice and good practice for any organisation looking to protect against the risk of a terrorist act or limit the damage such an incident could cause. It sets out how a security plan might be developed and updated, the key measures that can help…

Victor Beitner, a security expert who reconfigures photocopy machines destined for resale in Toronto, says businesses are completely unaware of the potential information security breach when the office photocopier is replaced. They think the copier is just headed for a junkyard but, in most cases, when the machine goes, so does sensitive data that have…

[NIST] With the dwindling number of IPv4 addresses, the Office of Management and Budget (OMB) mandated that U.S. federal agencies begin using the IPv6 protocol. This document provides guidelines for organizations to securely deploy IPv6. http://csrc.nist.gov/publications/drafts/800-119/draft-sp800-119_feb2010.pdf Urs

If you go solely by top-level stats on encryption use, you’ll come away feeling pretty secure — 86 percent of the 499 business technology professionals responding to our InformationWeek Analytics State of Encryption Survey employ encryption of some type. But that finding doesn’t begin to tell the real story. Only 14 percent of respondents say…

Using your laptop to get work done away from your office or on the road is becoming widely accepted. But this rapid growth in laptop computing has made portable systems the target for theft around the world. If your laptop computer is stolen, company information can be exposed, as well as your personal and financial…

EMET, short for Enhanced Mitigation Evaluation Toolkit, allows developers and administrators to add specific security protections to applications. Unlike mitigations released in the past, EMET doesn’t require programs to be recompiled, so it can be used to fortify applications even when the source code isn’t available. http://blogs.technet.com/srd/archive/2009/10/27/announcing-the-release-of-the-enhanced-mitigation-evaluation-toolkit.aspx -Urs

As part of its commitment to make the SDL more accessible to every developer, Microsoft is delivering three new programs and tools: discover the Microsoft SDL Pro Network, the Microsoft SDL Optimization Model, and the Microsoft SDL Threat Modeling Tool v3. http://msdn.microsoft.com/en-us/security/cc448177.aspx Urs